Failing to Measure Cybersecurity Effectiveness?

September 28, 2017 | Views: 2832

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

Are you failing to measure cybersecurity effectiveness? Well, now you can find out with the State of Cyber Security Metrics Annual Report 2017

Exploring the shameful state of cybersecurity metrics, failures in planning and performance, the lack of resources cited as a major hurdle and how small business are especially vulnerable; This report provides an in-depth understanding of the necessity of cybersecurity metrics and how they can help your business survive a cyber-attack.

Here’s a sneak peek:

  • 58% scored a failing grade in measuring the effectiveness of cybersecurity investments and performance.
  • 4 out of 5 companies worldwide are not fully satisfied with their cybersecurity metrics.
  • 1 in 3 companies invest in cybersecurity without any way to measure its value.

SMI Report - Executive Summary

Key Findings: Most Companies are Failing at Cyber Security Metrics

With over 400 global business and security executives participating in this benchmark survey, more than half of respondents scored an “F” or “D” grade when evaluating their efforts to measure their cybersecurity investments and performance against best practices. Based on internationally accepted standards for security embodied in ISO 27001, as well as best practices from industry experts and professional associations, the Security Measurement Index benchmark survey provides a comprehensive way to define how well an organization is measuring the effectiveness of its IT security. Most survey respondents do not feel confident about how they are measuring the value of their cybersecurity investments, and 80% stated that they are not fully satisfied with the metrics available.

Failures in Planning

With global companies and governments spending more than $100 billion a year on cybersecurity defenses, a substantial number—32 percent—of companies are making business decisions and purchasing cyber security technology blindly. Even more disturbing, over 80 percent of respondents fail to include business users in making cyber security purchase decisions, nor have they established a steering committee to evaluate the business impact and risks associated with cybersecurity investments.

Failures in Performance

With Ransomware causing major havoc in the past year, it’s alarming that so many organizations are uncertain whether they have backed up information properly and if they can recover it in a timely manner. Nearly two out of three businesses (64%) among survey respondents fail to recover timely, or in a way that aligned with their disaster recovery plan.

Download the full report to continue.

Share with Friends
Use Cybytes and
Tip the Author!
Share with Friends
Ready to share your knowledge and expertise?
Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge


We recommend always using caution when following any link

Are you sure you want to continue?